1. Home
  2. CVE Database
  3. CVE-2011-0986
MEDIUM · 5.0

CVE-2011-0986

phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the (1) README, (2) ChangeLog, and (3) LICENSE files, which allows remote attackers to obtain the ...

Vulnerability Description

phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the (1) README, (2) ChangeLog, and (3) LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
PhpmyadminPhpmyadmin2.11.0

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2011-0986?

CVE-2011-0986 is a vulnerability with a CVSS score of 5.0 (MEDIUM). phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the (1) README, (2) ChangeLog, and (3) LICENSE files, which allows remote attackers to obtain the ...

How severe is CVE-2011-0986?

CVE-2011-0986 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2011-0986?

Check the references section above for vendor advisories and patch information. Affected products include: Phpmyadmin Phpmyadmin.